<?php
/**
 * 角色 CURD 操作
 *
 * @author     mole <mole1230@gmail.com>
 * @version    $Id: RoleController.php 85 2011-01-07 08:40:13Z mole1230 $
 */
class RoleController extends XController
{
	public function filters()
	{
		$filters = parent::filters();
		$filters[] = 'authorize';
		
		return $filters;
	}
	
	/**
	 * 对进行数据表更新操作进用户等级控制
	 * 
	 * @param CFilterChain $filterChain
	 */
	public function filterAuthorize($filterChain)
	{
		if ($this->user->id != Admin::SUPER_ADMIN_ID) {
			$act = $this->getAction()->getId();
			$update = array('update', 'delete');
			$create = array('create');
			if (in_array($act, $update)) {
				$id = $_GET['id'];
				$model = $this->loadModel($id);
				if ($this->user->admin_role_id <= $model->admin_role_id) {
					throw new CHttpException(403);
				}
			} else if (in_array($act, $create) && isset($_POST['AdminRole'])) {
				if ($this->user->admin_role_id <= $_POST['AdminRole']['id']) {
					throw new CHttpException(403);
				}
			}
		}
		
		$filterChain->run();
	}
	
	public function actionIndex()
	{
		$model = AdminRole::model()->search($this->user->admin_role_id);
		$this->render('index', array(
			'model' => $model
		));
	}
	
	public function actionCreate()
	{
		$model = new AdminRole();
		if (isset($_POST['AdminRole'])) {
			$model->attributes = $_POST['AdminRole'];
			$model->acls = json_encode($this->_collectAcls());
			try {
				if ($model->save()) {
					$this->info(Yii::t('code', 'A00002'));
					$this->redirect(array('create'));
				} else {
					$this->error($model->getErrors());
				}
			} catch (CDbException $e) {
				if ($e->getCode() == F::DB_DUPLICATE) {
					// 主键冲突
					$this->error(Yii::t('code', 'B10006'));
				} else {
					throw $e;
				}
			}
		}

		$this->render('update', array(
			'model' => $model,
			'menu' => $this->assembleMenu($this->user->admin_role_id, $this->user->acls),
			'acls' => json_decode($model->acls, true)
		));
	}
	
	public function actionUpdate($id)
	{
		$model = $this->loadModel($id);
		if (isset($_POST['AdminRole'])) {
			$model->attributes = $_POST['AdminRole'];
			$model->acls = json_encode($this->_collectAcls());
			
			if ($model->save()) {
				if ($this->user->admin_role_id == $id) {
					$this->user->setState('acls', json_decode($model->acls, true));
				}
				$this->info(Yii::t('code', 'A00002'));
			} else {
				$this->error($model->getErrors());	
			}
		}

		$this->render('update', array(
			'model' => $model,
			'menu' => $this->assembleMenu($this->user->admin_role_id, $this->user->acls),
			'acls' => json_decode($model->acls, true)
		));
	}
	
	public function actionDelete($id)
	{
		$this->responseJson();
	}
	
	/**
	 * Returns the data model based on the primary key given in the GET variable.
	 * If the data model is not found, an HTTP exception will be raised.
	 * 
	 * @param int $id the ID of the model to be loaded
	 * @return AdminRole
	 */
	public function loadModel($id)
	{
		$model = AdminRole::model()->findByPk((int) $id);
		if ($model === null) {
			throw new CHttpException(404, 'The requested page does not exist.');
		}
		return $model;
	}
	
	private function _collectAcls()
	{
		$ctrls = $acts = array();
		if (isset($_POST['ctrls'])) {
			foreach ($_POST['ctrls'] as $ctrl) {
				if (isset($this->menu[$ctrl])) {
					$ctrls[$ctrl] = 1;
				}
			}
		}
		
		if (isset($_POST['acts'])) {
			foreach ($_POST['acts'] as $act) {
				$tmp = explode('/', $act);
				if (count($tmp) == 2) {
					$ctrl = $tmp[0];
					$act = $tmp[1];
					if (isset($this->menu[$ctrl]) && isset($this->menu[$ctrl]['actions'][$act])) {
						$acts[$ctrl][$act] = 1;
					}
				}
			}
		}

		return array('ctrls' => $ctrls, 'acts' => $acts);
	}
}
